package vn.easyticket.webapp.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class LoginController
{
    @RequestMapping( "login" )
    public ModelAndView getLoginForm( @RequestParam( required = false ) String authfailed, String logout, String denied )
    {
        String message = "";
        if ( authfailed != null )
        {
            message = "Invalid username of password, try again !" + authfailed;
        }
        else if ( logout != null )
        {
            message = "Logged Out Successfully, login again to continue !";
        }
        else if ( denied != null )
        {
            message = "Access denied for this user !";
        }
        else {
            message = "All the fail !";
        }
        return new ModelAndView( "account/login", "message", message );
    }

    @RequestMapping( "user" )
    public String getUserPage()
    {
        return "user";
    }

    @RequestMapping( "admin" )
    public String getAdminPage()
    {
        return "admin";
    }

    @RequestMapping( "403page" )
    public String get403denied()
    {
        return "redirect:login?denied";
    }
    
    @Secured("ROLE_ADMIN")
    @RequestMapping("about")
    public String getAbout() 
    {
        return "about";
    }

}
